Meltdown & Spectre Vulnerabilities. What You Need to Know

Meltdown and Spectre are recently discovered hardware design flaws in the main processing chip – the CPU – in most modern computers. It turns out this design flaw has actually been present for years but has only recently been identified. These vulnerabilities affect PCs, Macs, desktops, notebooks, tablets, and even smartphones. And if you’re running applications in the Cloud, Cloud Providers that use Intel CPUs are also affected.

This is a big deal because it affects almost every computer and server on your network – Mac or PC. The design flaw, if exploited by specially crafted software, allows stealing of data that is being processed in your computer’s memory. Normally this couldn’t happen as applications and their data are kept isolated from each other, but this hardware bug breaks that isolation.

So if cyber criminals are able to get malicious software running on your computer either via malware or an infected website, they can gain access to your passwords stored in a password manager or browser, your emails, instant messages, and even business-critical documents.

So what to do?

First, if you are a MicroData Complete Care, Select Care, or Private Cloud customer, we’ve already implemented a remediation plan and there’s nothing you will need to do. Taking care of Meltdown and Spectre involves patching and updating all machines on your network and in many cases making modifications to the underlying operating system. These fixes will take some time as some patches won’t be released for several days.

If you’re managing your own security you’ll need to obtain the relevant patches for your operating systems, examine your antivirus software to make sure it will work properly with the patches and modify/update if not, and then apply the updates to all systems.

MicroData has tools that permit company-wide implementation of these patches and required changes, so if you need assistance contact us at 800.924.8167 or at microdata.com.

As always, but particularly until you get these updates applied, be extra vigilant of email links you click on and websites you visit.